How severe is CVE-2024-9554?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2024-9554?

This is classified as CWE-639, which is a common weakness in software security.

CVE-2024-9554 - MEDIUM Severity | CVSS 3.7

Vulnerability Description

A vulnerability classified as problematic was found in Sovell Smart Canteen System up to 3.0.7303.30513. Affected by this vulnerability is the function Check_ET_CheckPwdz201 of the file suanfa.py of the component Password Reset Handler. The manipulation leads to authorization bypass. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2019-9219

LOW

CVSS:3.7(Low)

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control (issue 2 of 5).

CWE-6392019

CVE-2023-38872

LOW

CVSS:3.7(Low)

An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of ...

CWE-6392023

CVE-2023-44154

LOW

CVSS:3.5(Low)

Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.

CWE-6392023

CVE-2023-44205

LOW

CVSS:3.5(Low)

Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.

CWE-6392023

CVE-2024-29181

LOW

CVSS:3.5(Low)

Strapi is an open-source content management system. Prior to version 4.19.1, a super admin can create a collection where an item in the collection has an association to another collection. When this h...

CWE-6392024

CVE-2024-52507

LOW

CVSS:3.5(Low)

Nextcloud Tables allows users to to create tables with individual columns. The information which Table (numeric ID) is shared with which groups and users and the respective permissions was not limited...

CWE-6392024